06-24-2022 04:43 AM
I am trying to deploy an ASA at a remote location. I am doing it via webex, which is how I noticed this unusual behavior. When we move cables over to the ASA, the webex session continues to work for about a minute. However, no new sessions, like browsing a new web page, will work. After about a minute the webex connectivity drops and we have to move back to the old firewall. I am noticing this in the logs:
Jun 23 2022 16:44:02: %ASA-4-434002: SFR requested to drop TCP packet from inside_1:x.x.x.x/64333 to outside:x.x.x.x/80
06-24-2022 05:44 AM
do
packet-tracer using the IP and port show in log message,
I think there is ACL apply in INSIDE of FW that drop packet.
06-24-2022 05:56 AM
I will try that next time I can get a webex session going. But I don't think it is an access-list. There are virtually no ACLs configured yet, as we simply hadn't gotten that far in the configuration. I did temporarily add a 'permit ip any any' rule as part of my troubleshooting earlier, and got the same results.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide